You will see the protection operating by querying your firewall for requests to http://sitecheck2.opera.com.

The Washington Post has an article about this, and also some weaknesses, like sending the query clear text, having a weak HMAC so you can reverse engineer the process, or, if you are a malware / phishing 'vendor' querying to see when you need to change hostnames.

It seems performance is not very good. The report says that on a sample page with nearly 3 dozen bad links, the browser blocked just two.